Apr 12, 2017

When hackers target the news

Steve Bowbrick/AP

In an earlier era, if someone didn't like what was reported about them, they could write a letter to the editor or run a full-page ad combating the piece. Today, independent and state-sponsored hackers are responding to articles, journalists and news institutions they don't like online by publishing private information about them or shutting down their websites completely.

Why it matters:

  • The news is at risk: Digital news lends itself to more cyberattacks, and the rate of digital news consumption is steadily increasing. This is especially problematic when news organizations are planning stories around highly-trafficked events that hackers can predict will have a big democratic impact, like the election night or inauguration.
  • Everyday people are unknowingly involved: Hackers use an army of digital bots to perform attacks, and those bots often operate attacks from "compromised machines," or the computers of regular, everyday people. Hackers will place malware (usually from spam emails) on people's computers that allow bots to mimic their website browser settings when conducting attacks, making it harder for news organizations to see them coming.

How it happens: The most common type of digital news attack is called a DDOS (distributed denial of service) attack, where hackers use a network of bots to direct a lot of traffic towards a website, overwhelming its server and shutting it down. Doxing, another type of cyberattack, is also frequently used, where attackers obtain and publish private information about people (journalists, politicians, etc.) with the intent of maliciously exposing their vulnerabilities. This has become more frequent in the past two years.

  • News sites: It was a DDOS attack that shut down a huge portion of our Internet last year for nearly a full day, including Twitter, The Guardian, Netflix, Reddit and CNN websites. Earlier this year, Reddit shut down Alt Right sub-channels for doxing.
  • Journalists: Earlier this year, Google sent an email warning to prominent journalists of attacks by a government-based hackers.
  • Campaigns: DDOS attacks were used in an attempt to shut down both the Clinton and Trump campaign websites during the election.

What's the solution? Media organizations choose content delivery networks (CDNs) to serve content safely and efficiently, and as a safeguard for unexpected traffic surges that might come from a very popular story – or unwanted attention from an attack designed to make their servers unavailable. The New York Times, for example, used a CDN company called Fastly to ensure their live election results map wouldn't be shut down on election night, due to high-traffic or a hack. In an interview with Axios, Fastly's Chief Security Officer Window Snyder says by routing traffic through servers distributed worldwide, content is closer to the user and decentralized, which is especially important if a website is managing high traffic or attacked. Some companies, like Facebook, are large enough to build out their own CDN's, but most digital news organizations will hire CDN companies to manage this process for them.

Go deeper